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Dont go home without it 

By Mark A. Kelner 
Special to GCN 

Routers, firewalls and loading devices help 
telecommuters ahd road warriors secure both 
their data arid computers 

If you still rieed eviderKe of the importance of 
securing computers — both the PCs themselves 
and their data— you don*t have to look further than 
the headlines trom earlier this year. 

In July, the FBI acMtted that 13 of its 13.000 
notefxx>k PCs were stolen. At least one of them 

oonfiained 
oonMential 
iiifuiiiiaGon from 
adosed 
irrvestigatk>n. 




Netgear lna*s FR3t4 adds 
firewal protection to a cable 
and DSL Router, Its priced at 
$305. 



AnartfrerlTI 
were missing or 
stolen. 



The FBI might 
have been 

embarrassed about the tnissing notebooks, but tt 
is rwt atone. In Britain, notebook PCs have been 
stolen fwm tt>e top-secret Ml^ and Ml-6 security 
agencies, and the country's Ministry of Defense 
has reported 59 machines stolen and eight k>st 

tf s no laughing matter One security manufactLHer 
estimates Ctiat 30,000 notetx>ok computers are 
stolen in U.S. airports every year. And Safsware 
Inc., a computer insurance agerx:y in Cotumtuis, 
Ohk>. has reported 387.000 notebook PC thefts 
last year, up 21 percent from 1999. 

Broadband opens a door 

On the data side, the White House's Web site, at 
www.wt^itehbuse.g ov. suffered three distrflxjted 
denial-of-service attacks during May. The WNle 
House also had to defend against the Code Red 
worm in July and Aiigust 

The t errori st strikes last month have heightened 
sectjrity concerns al afl levela. Such attacks ttHive 
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The lowdown 

♦ How tm porta nt is out-of-the-ofl 
perhaps more impoitant ttian it is in 
After all. most federal ofBoe tMiikSin^ 
measures arxl access controls in pl£ 
more difficult, though not impossible 
someorle's desk wiltiout authorizatic 
the road, yoiB- computer can t>e vuln 
to haddng if rs attached to some br 
networks. 

• Isn't broadband safe? Although 
providers offer various levels of sect 
of broadt>3rtd rtetworks can create h 
Intern^ systems are essentially a k> 
in a neighborhood- Wthotit safeguai 
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on the abilfty of hacicers to reach out and touch 
oomputers—partkrularty those cormected to 
broadt>and networks such as those using d^'rtal 
subscriber Knes or catile Internet 

In Apri. Ronald Dick, drector of the FBI's National 
Infrastructure Protection Center, told tt>e House 
Energy and Convnerce Committee that the threat 
of attadcs isn't going away. 

i^GcnotD-oofitrvrf OGCiHity 

Ttte Department of Defense reports ttiousands of 
potential cyt>erattdclcs launched against DOD 
systems. GAO reports that in 1999 and 2005. the 
Air Force. Amay and Navy recorded a combtir>ed 
total of 600 and 715 [serious] cyberattadcs, 
respectively,' he told the paneTs oversigK and 
tnvestigaGons sut>oommittee. 

The probierm of Gomputer seomty are heigh(er>ed 
tyy a government push toward teleoommuting. In 
August. Transportatiori Secretary Norman Mtneta 
toW a Los Angeled audierKe that the government 
is aimmg to incre^ the numt>er of people wtx> 
work remotely. 

"As a major employer, we in the federal 
government are increasing the nuniber of our own 
employees thai telework." he said. Mineta added 
that the fiscal 2001 Transportation Department 
appropriatior^ bilf requires agencies to make 25 
percent of their work forces eligible fcH- 
telecommuting by January and to add 25 percent 
each year after that unti afl eligSHe workers have 
the option. 

Such dispersion of workers wM require many to 
have high-speed access arKl appropriate 
computer equipment at home — but it wiH also 
leave the systems of some of those at-home 
workers vulnerable to ttieft or hacking. 

Theft on the road is a perpetual oorx:em for those 
wtio travel. 

On kxxth ends of the spectrum — data security and 
physk^at security — hardware is available to 
entrance protection. Although software can be 
used to create stkI maintain firewaUs, having a 
ptiysk3l arewall in place offers added security 
along with other advantages. 



office network connecSon, it is pos^ 
find you and spoof your computer's 
hardware firewaU can help fatock sue 

• Isn't a softwaiB firewaH enougl^ 
good fine of defense. t>ut fta>^ ttte 
ttiat a hardware firewaB pravkles cat 
particularly for teleoommufiag federE 
want to assure a tiigh level of avaitat 
rwtwork connecfions. 



• Must-know Info? The opportunit 
portable computer , either fay error or 
at>ound. Havmg accessories such ai 
cat)fe to arv:hor a qon^puter to a des 
detector alarm, can protect not only 
iHit also your data and work. 
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For makmg sure a notebook or desktop PC stays where it shouM. just about nothing beats a 
tf^ can anchor tf>e device to a desk or workbench. 

But effective security extertds t)eyond PCs. Telecommuters arul small-offfce users are findiri! 
to incorporate a rtetworking hub. either wired or wireless, so ttiey can work in dHTerent parts ! 

VSfined hut)s generaliy support 10- or 100-BaseT Ethernet standards, with adapters and wirint 
homes, or being t>uilt into newer ones. 

At the same time, ttte IEEE 602.1 lb wireless standard is gaining poputarfty as a networking 

Marry of these hut>s now inctode firewall protection, such as Netvrark Address Translation (N 
Translation (PAT) and Stafieful Packet Inspecfion. to ward off denial-of-service attacks. 

Know your networks 

NAT is Itie trartsfatton of an IP address used within one network to a dffferent IP address on 
to most cases, an brganizatfort wiH map focal, or inside, n^work addresses to one or rrKwe g 
http:/Avvw.gcti.com/state/7_10a/giiide/16744-IJitDil 5/5/2005 



Qowemment Linfcs 
Topic ResouTta Center^ 




PA^ 22/62 * RCVD AT 7/5/200S 1:25:17 PM [Eastern Daylight Time] * SVR:U^TO-EFXRF-1/3 ' DNIS:8729306 * CSID:415 576 0300 * DURATION (mm-ss):25*14 



07/03/2005 10:33 FAI 415 576 0300 S1023/062 



Spedal Reports 
Iff Blade ScffCfS 



addresses and unmapthe global IP address^ on inooming pad(^ back into local IP addre 

This approach can fnistrBte attempts by hackers to sniff or spoof a given IP address — one nr 
which a distibuted attack can be launched. 

PATis similar to NAT, and woilcs when routers aUow hosts on a LAN to comrmmicate with tt- 
revving their IP addresses. 

The ouax)und packets have their IP address trarislated to a router's exte^ 

the router, whnh then translates them t>ack into the private JP address of the original tiost fbt 

Also known as dynamk; packet laterlng, ^atefiit Packet Inspecfion is a firewall architecture fl 
netwoik layer and examines the content of a data packet as weff as Us header informatkxv It 
ttie packet against previous t>eliavior on ttie system, along with ryles set up fc>y the admtntstr 
protocols can help keep hackers away, sharply reduce Ihe possitMnty of distributed attacks a 
ffetworking capatiHities to remote kxations. 

At the same time, the. computer itself represents a securfty concern. 

Tbe toss or theft of a PC is, at rrmimum, a great inconvenience, resulting in I6st time and wo 
replao^nent is found. 

But in most cases, more than hardware Is lost: A k>t of labor can vanish in an instant. And i 
w^ sensftive infbmiatkx), a tost computer can sped tremendous trouble. 

CaMelockalot 

Keepng a rKvtebook PC secure can be akled by proper hardware add-ons, 

Akrtost every not6kx)ok computer released in the tel five years has had a smaH stot into ^ 
be irtserted. This so-oRed Kensington stot. named after the company that originated and | 
locking concept, can handle cat>les arid even motion-sensitllve alanns as part of a seority j 

And the aiarms are most often found on a carrying case for a PC. where they can come in j 
where you may be distracted. 

The piercing alarm emitted by the device can scare off a thief, who'd rattier not be noticed 

Mark A. Kettner is a fnoe-fanco technology writer in Mama Del Rey, CaHf. E-maS turn af 
mafkS>keanef2O00.oom . 
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. II Looldnq fb^ Managed Netscreen Firewall Security? 

Interland Managed Hosting Solutions jrK:lude Oecficated VPNs. Enhanced Security At 
Receive 100% uptime. 24/7 Expect Tech Support featuring Linux or Windows IBI^ eS4 
hardware replaoement guaranteed. 

II ggcvrny WitMP- ggfifigMfatipn based Securi^ 

Good rr secitfity practice requires more than anti-vinis and firewall systems. Ask for c 
"Security Wilhiri - Configuratton Based Securtty*. wtuch descn~bes the reasons for a cc 
monitorirtg system. 

f' 

li E^rotePl yo ur business from spam and viruses 

Learn how VeriStgn EmoA Security Service protects your network from spam arxl wru 
tiardwvare or software to instafl. Take advantage of the Hmited time Competitive Upgra 
discounts up to 40%. cali for details. 

II Policy Ptefiagement V9. Vulnerabnity Scanning 

\Aftuch is right for you? Vutnerabilrly scanning products test for Known virfnerabOfties. F 
products are pro-active toddng the doors in advmice of a possible attack. C&ck to r 
paper. 

II Buy or Rer tf tJsed Cisco Egui p mertt- Gov. Dis<uxgrt 

Buy^ Rent or lease used, refurbished, Cisco Routers and Switcties at ^eat dtecount a 
War^tiouse. Thousands of satisfied customers, One-Year Warranty. 6SA contract ho 
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